How to Lose $225,000 in a Wire Transfer Fraud Scheme

If you’re involved in real estate or if you move money around through banks or if you’re alive and have a pulse, this article should strike fear into your heart.

I hope it does. That’s certainly my goal. That’s precisely the effect this story had on me as a multifamily syndicator. I recently had a long talk with a friend and fellow multifamily real estate investor about his first year in business. Let’s call him John.

John raises capital for a syndicator, and he’s really good at it. John left a high-paying job in a national company to raise money and work toward syndicating deals on his own. Like me, in mid-career, John discovered the powerful demographics that have led to the profitability and safety of multifamily investing.

If you haven’t heard, raising capital for real estate deals can be hard. Very hard. Most of us only have so many friends and family—those who know, like, and trust us—that we can call on to invest when we’re getting started. And it’s especially challenging because at the very time that capital raisers need to be most credible before their potential investors, they have the least experience in their new field.

After we have experience, we can often move on to find larger or different investors we don’t know, and we will no longer need to rely on our circle of immediate influence. If you haven’t tried raising money yet, I predict you’ll have this same experience when you do.

I’ve seen new capital development folks who spend a few years spinning their wheels to only raise a small amount of capital. Many give up and try their hand at something different or co-invest with more established firms. I’ve known several investors who went down this path.

But John wasn’t one of them.

In his first opportunity to raise capital, John surprised himself and his syndicator/coach. He raised over a million dollars in a few weeks—certainly far above the norm.

Note:For you who are new to capital raising, know that there’s a big difference between having people interested in investing and actual investors. And there is even a difference between having committed investors and getting money in your bank account.

Even investors who have signed all of the paperwork sometimes back out. This is widely known among capital development pros, but often comes as a surprise to those who are new to the game.

Pros know that you have to have a large funnel of serious interest to get the funds you actually need to close.

We hope you never have to evict a tenant, but know it’s always wise to prepare for the worst. Navigating the legal and financial considerations of an eviction can be tricky, even for the most experienced landlords. Lucky for you, the experts at BiggerPockets have put together a FREE Guide to Evicting Tenants so you can protect your property and investments.

Where Things Went Wrong

Are you old enough to remember what you were doing when Kennedy was shot?

Or when Elvis died?

Or when the space shuttle crashed?

Or if you’re really young, when you heard that Trump was elected President?

Most of us remember exactly where we were when shocking news hits the airwaves.

John remembers his fateful moment. It is burned in his brain forever.

His investors had signed a PPM (private placement memorandum), and they were ready to invest. His syndication partner had sent John a simple email with the subject line “wire instructions.” John had forwarded that email to 13 investors who were about to invest a total of the $1 million they had committed. This was a Thursday afternoon.

On Monday morning, the moment came that will be forever etched in John’s memory. He was walking across his office, when the phone rang. It was one of his investors, a friend who he had a mutual trusting relationship with.

“I got a call from the Global Security Department of my bank. They said the account I tried to wire funds to was a fraudulent account.”

This was John’s “Elvis moment.” He turned pale white. His insides wanted to be on his outside (but he resisted the urge).

If this was really a bogus account, a dozen other people had these same wire instructions.

John quickly emailed the group and instructed them to not wire their funds if they hadn’t already. “I’ll have some new instructions for you soon.”

After taking a moment to catch his breath, he dialed the Global Security Officer. He learned that something was very wrong.

It turns out that “only four” of the 13 investors had wired their funds. But these four represented $225,000 in investor funds.

What Went Wrong?

If I was John, I would have certainly wondered about the credibility of my syndicator. But John knew him well and trusted him. Still, the fact remained that his syndicator friend had sent him an email with wire instructions to a fraudulent account.

What the heck was going on?

BiggerPockets readers are pretty smart. So you may have already guessed what John found out next.

The syndicator’s email had been fraudulently intercepted and directed to John’s spam filter. The fraudsters had made a nearly exact copy of that email, using their fraudulent bank account, and sent it to John’s inbox.

No one examining the email would have guessed. The FBI later explained how the email phishing scheme worked and pointed out a few telltale signs within the email that was transmitted.

But the funds were gone. Forever. The fraudsters had immediately withdrawn them from the major New York bank account as they arrived from the four investors.

What Now?

Of course, they immediately turned to the FDIC—the Federal Deposit Insurance Corporation. But they were no help. The government doesn’t insure wire transfers, just bank accounts.

John and his syndicator are good guys. Their investors came out unscathed. In fact, all four investors knew the full story and reinvested with John in their most recent deal a few months back.

How Do You Protect Yourself?

John and their team immediately set up new processes to protect themselves and investors. You can learn from what they did.

First of all, they set up a written process—a guaranteed plan to be sure that wire instructions are never sent outside of the guidelines they’ve established, with one point of contact that transmits all information.

Second, they will never send out wire instructions through regular email again—not in the body of an email, not in an attachment. All wire instructions and other sensitive financial information are sent out via secure encrypted processes like DocuSign or SignNow.

Third, they have their investors and bankers call them to verbally confirm wire information. John tells investors to call him anytime. He’ll take that call.

This disaster could have been worse:

All $1 million could have been wired to the fraudsters.

The syndicators, capital-raiser, and investors could have blame-shifted and pointed fingers.

John and the syndicator could have not had the funds to replace lost investor cash before closing.

In the process of writing this article, I learned that this type of scheme is more common than I thought. There are many articles about it online.

I called Perry Underwood, a friend who owns Choice Title Company in Ringgold, GA, near Chattanooga. He told me about someone at another firm in town who just lost $300,000 to a similar scam—and another in Nashville who lost $800,000.

These fraudsters are especially targeting title companies, so make sure yours is compliant.

[Editor’s Note: We are republishing this article to help out our newer readers.]

So now I have a question for you: What do you do to protect your sensitive financial information from fraudsters?

Let me know with a comment!

Free eBook from BiggerPockets!

Join BiggerPockets and get The Ultimate Beginner's Guide to Real
Estate Investing for FREE - read by more than 100,000 people -
AND get exclusive real estate investing tips, tricks, and techniques
delivered straight to your inbox twice weekly!

About Author

After graduating with an engineering degree and then an MBA from Ohio State, Paul started on the management development track at Ford Motor Company in Detroit. After five years, he departed to start a staffing company with a partner. They sold it to a publicly traded firm for $2.9 million five years later. Along the way, Paul was Finalist for Ernst & Young's Michigan Entrepreneur of the Year two years straight. Paul later entered the real estate sector, where he completed 85 real estate investments and exits, appeared on an HGTV Special, rehabbed and managed dozens of rental properties, developed a waterfront subdivision, and started two successful online real estate marketing firms. Three successful developments, including assisting with development of a Hyatt hotel and a multifamily housing project, led him into the multifamily investment arena. Paul co-hosts a wealth-building podcast called How to Lose Money and is a frequent contributor to BiggerPockets, producing live video and blog content on a weekly basis. Paul is the author of The Perfect Investment—Create Enduring Wealth from the Historic Shift to Multifamily Housing (2016) and is the Managing Director of two commercial real estate funds at Wellings Capital.

It’s not just wired funds, but phony cashier’s checks as well. Scammer, usually from overseas, contacts attorney or broker and says they want to purchase property in your area, but can’t get out in person right away. They send a large sum of money to be deposited in a trust account to cover the down payment, your fees or commission, and ask you to handle the transaction. The cashier’s check arrives — it looks legit — and you deposit it into your trust account. Scammer then contacts you to cancel the transaction, citing contingency, change in plans, whatever, and asks you to deduct your fees and/or commission, and return the balance. Very generous. If you do, you end up sending a Good check — for which you are 100% liable — only to find out a couple of weeks later was drawn on a deposit based on a Bad check. Several people have been hit with this scam.

I always get nervous sending out wires for 6 figure transactions. I wired $120,000 yesterday and since it was my first wire for this amount of money, I looked up the bank routing number on the internet along with the account number and verified it was the Title Company (I called the Title Company every 30 minutes to ask if they received it yet). I much rather get a certified check which some Title companies are not accepting because of counterfeit certified checks. $225,000 would have wiped out all of my Real Estate investment money and I would have to go back to a day job!

I didn’t even open my email when I saw the title of the blog. I was so paranoid I actually checked this site instead to make sure that it wasn’t an ironic fraud that I was being tricked into.
A serious warning to be sure especially since I am moving in this direction in the future. Thank you

Thanks Paul for alerting us. I had a different kind of account hacking problem last year. There was a deposit of $2.23 into my business account followed by another deposit of some amount like $1.97. Then the same day there was a withdrawal of a fairly large amount which I had in my account. It took several days for Bank of America to investigate and advise me to close down that account and open a new one. Luckily they also gave me credit for the unauthorized transactions. I need suggestions on how to protect myself from this kind of hacking.

Asad, thanks for commenting. Glad your bank was able to take care of those transactions for you. As Deanna mentioned below, I would like to know more details about how the hacking occurred before suggesting solutions for the future…

Assad – I understand the purpose of the two small deposits (to confirm it was a legitimate account), but not how the withdrawals were accomplished. Was it an e-mail account that was hacked, or just the scammers knowing your account number (info easily available on every single check written to anyone).

This nearly happened to the seller of a new rental property I closed on about two weeks ago. She was in escrow for a new house in another state, and received “urgent” wiring instructions several days earlier than expected. Reason: email of her closing attorney’s office was hacked, and bogus wiring instructions sent out. She called the office to double check, and was able to dodge a bullet. Bastards are getting good at stealing money from many investors though.

Jade, thanks for sharing. Glad the seller was able to avoid that! While some business transactions are truly “urgent” or “time sensitive”, those are phrases fraudsters use to get people. They know if potential victims think through something long enough, they probably won’t fall for it.

This is the nightmare scenario I think most all of worry about. I’ve been wiring 6 figure amounts for a few years now, but I never really get too complacent about it. Due diligence is key, check and verify and then check and verify again, and most of all assume nothing. Put yourself in the scammers shoes and try to think like they think.

Just the unfortunate new reality of the new virtual world we all live in these days.

Wow, Thanks for the heads up. I just purchased a piece of property from an owner who lives in Amman Jordon, and was glad to see my banker instruct their wiring department to check the IBAN and Swift Codes authenticity before sending the funds. Great Article.

When wire fraud happened to me, my banker DID check the authenticity of the account. My money was being transferred into a legitimate account that had been open for 20+ years. This is common, since criminals are essentially washing the money through a legitimate account, but have the means of getting it out of that account too.

I was targeted twice the thief cloned my realtors email address and sent me wire instructions to send the money for closing. of course i did not fall for it. however, the email was credible i can see some folks falling for it. great article and unfortunately very true.

Great article Paul. I think you left out the most important part of the article, though. You mentioned “The FBI later explained how the email phishing scheme worked and pointed out a few telltale signs within the email that was transmitted.” However, you never said what the telltale signs are to look for in a phishing e-mail. It would have help the article to know what those were.

What was the name of the Bank that alerted the client of the fraudulent Account? And, who were the 4 banks that allowed the funds to be transferred, without the fraud detection? Having a bank that has high level fraud prevention would be a nice secondary safety net.

Great article, especially in this day and age where we rely more and more on the internet and e-mail to complete transactions. It’s a great tip to call and confirm wire instructions prior to hitting that ‘send’ button.

Thanks for bringing this article to light Paul! Very informative read. I am always amazed and disgusted at what the criminal mind is capable of doing. I am just glad that everyone was made whole again and are still able to successfully maintain a strong trusting relationship after such a horrible incident. I guess it is true what they say about RE, its all about establishing relationships! Thanks again Paul for sharing!

Tony, thanks for your comment. Over and over in my career I have found this to be true: relationships are so so so important. It’s so essential to take care of your relationships, and to do the right (ethical) thing even when it’s difficult.

It’s not just hackers going into your email account, the last two times I purchased properties within 6 months of each other, both times I went into Chase to wire the monies to the title co, and both times was serviced by the same Chase rep, and both times within 24 hours I had to change my password because of multiple attempts at someone trying to log into my account. Weird circumstance? Who knows but I will not be letting this same rep send my next wire.

Jason, as far as I know they never found out who the scammer was and they never recovered the money. Unfortunately criminals are getting smarter…but luckily there are so many ways to avoid this kind of thing!

I am a realtor and this happened to my client, 2 days(Friday evening) before closing my clients wired the money to the title company. Wire instructions came from my clients attorney, the only difference was his attorneys email got intercepted and the wire instructions were swapped out., my client wired $600K….and poof it would have all gone in one second only if we would have not found out on saturday afternoon something was not right….!

My client got an email from buyers attorney saying closing has to be rescheduled from Monday to Wensday or thursday due to family emergency from the seller.

Seller got same email from my clients attorney stating my client is still gathering funds for closing, sellers broker called me and said this is bull shitt, two days before closing your clients don’t have funds? I was like wait….my client already wired them….at that point we were all frantically calling each other and quickly figured out what had happened!

My client was a very resourceful and smart person as well had really high level contacts in FBI and they traced his money down by sunday evening! In all this he did loose a $30k+ because the funds were broken down by the scammers and sent in different directions…..but he found most of his money back! This doesn’t happen often, but I am glad my client found his money! It was horrific, they are really nice people and God watched over them!

Since then, before closings I always tell my clients please call the title company and make sure the wiring instructions are legit and then only transfer the funds, and call and verify if they received the funds after you transfer it!

I truly hope and pray scams never happen to anyone, it takes a lifetime to earn money and save them!

This happened to me too, except it was $41k for me. We all hear stories like this and think it can’t happen to us, or we think we’d ‘see the signs’ before ever wiring that amount of money. I was closing on my 2nd deal this past June, and got an email from my attorney, on exactly the date I had expected with wiring instructions. It included a password protected attachment with the wire instructions, that were on the law firm’s letterhead. Great, I had been expecting just that. I went to the bank, and the banker even said “I need to warn you, that wire fraud is on the rise, so are you entirely sure you know who you’re sending this money to.” I re-read the email, looked over the wire transfer instructions (it even contained the date of my closing, and a breakdown of the amount to close). “Yup, I’m good” I replied. The next morning, I called the attorney to make sure they had received the wire transfer. Her response was “I haven’t sent you any wire transfer instructions.”

All of this led up to about the worst 48 hours of my life. I contacted local law enforcement, the FBI’s Wire Fraud/Cyber Security division and couldn’t even get anyone to speak with me – NOBODY! The FBI reports incidents of wire fraud each year, but the subtext is, they have no interest in investigating individual situations. 6 months later, I haven’t even so much has gotten a return call from them. So be aware, if this happens to you, you’re on your own! Even local law enforcement did nothing.

To make a long story short – I previously lived in the city where the fraudulent account was located, so I called a friend, who happened to know a police officer there. The account got frozen, and because my bank is an affiliate of the bank where the fraudulent account was located (again, pure luck), they reversed the transfer 2 days later. I got the money back. The shocking part was that the money was still in the account.

I spoke to an attorney who told me “I need to be honest with you, you have less than a 1% chance of ever seeing that money again.” I knew he was right, but I got lucky!

I brought a bank check to the closing instead. I told my attorney, I don’t care if it delays the closing.

It’s a fine article, but it wouldn’t be necessary if title companies would update to the 21st century. You mention DocuSign and phone calls as preventative methods but it is a myth that either help. Hackers can (and do) easily send fraudulent DocuSign emails and setup fake phone numbers.

There are web-based services that exist that eliminate this problem (e.g. BuyerDocs). But again, title companies are stuck in the past when it comes to technology and believe DocuSign and phone calls will protect them.

It was on a weekend when my husband was looking through his emails then realized the company we jointly run wrongly transferred GBP 778,908 to a fraudulent account, The company was pretty young and we both have invested almost all we had to keep the company floating. Things were very tough for us as we lost our home about this same time. After so much attempt with the bank for refund all was abortive until my friend recommended adler.frank50 @ gmail .com we have been able recover 80% of our lost money in just a month. If you are ever in this situation don’t loose hope, you still have a chance. make sure you have the proof of the transaction. The bank is just another fraudulently designed platform.